Simplified OAuth Config for Oracle Integration Cloud REST API using Postman !!!

This blog will be discussing very specific use case requirement which is more developer oriented and providing a quicker and efficient solution to invoke Oracle Integration REST API using OAuth access_token for testing purpose.

As an integration developer time to time you need to invoke Oracle Integration REST API to test API functionality. All the REST API in OIC needs a header parameter called “Authorization” which must needs to hold a valid access_token value in this format “Bearer access_token“.

In above format, “Bearer” is static world, However, access_token is the token value which we get after successfully OAuth Authentication from Oracle Identity Cloud Service.  Getting access_token from IDCS using code credentials flow is multi steps and cumbersome process.

However, developer can leverage Postman environment and variable features to simplify the process of getting access_token. That’s what, I will be covering in this blog.

Before I proceed further, I must redirect you to read my colleague blog which has greater in-depth explanation about what is IDCS, how IDCS govern security aspect of all Oracle PaaS products such as Oracle Integration Cloud, Analytics Cloud, Digital Assistant and so on and OAuth client and token generation process etc. I am recommending you to read his blog because I will be using few artefacts e.g. IDCS URL, Client ID, Client Secret etc which we need to get from IDCS OAuth Client Application as per the process given in his blog.

So, I believe once you go through Callan blog, you already understand the concept of OAuth client application, client id, secret code and scope etc. and either you or Your Identity Administrator already created an OAuth Client Application with proper privilege. Now, either your Identity Administrator will provide you all these artefacts or you can login into IDCS and get those artefacts by yourself assuming OAuth Client Application already been created by your Identity Administrator.

So, here are simple steps to capture IDCS URL, Client Id, Client Secret and Scope for given OAuth Trusted client application.

Getting OAuth Trusted Client Application Artefacts

IDCS URL –

login to your Cloud Account Dashboard >>  Navigate to Account Management >> Users >> Identity

14

From user management home page, click “Identity Console”

15.png

This will take to you IDCS console where you can IDCS URL and also find OAuth Clint trusted application which you administrator has created –

16.png

Browser URL will show IDCS URL e.g.
idcs-url = https://idcs-56c3577bb024452b89496a0db95XXXX.identity.oraclecloud.com

Client Id and Client Secret-

Under application find out the OAuth Client application which you administrator has created for you, click on that, further click configuration tab page to get Client ID, Client Secret and Scope value.

e.g. client id = 0650C696C98345D4A07548xxxxxx38D5C_APPID

client-secret = 6b296da5-459d-4fbxxxxxd749a65a53

1

Scope –

For scope click on resource option. Scope value is the concatenated value of two separate values a) Primary Audience and b) scope

Copy and paste these values in notepad subsequently to make scope value finally.

e.g.  https://0650C696C98345D4A0xxvvxvxv67838D5C.integration.ocp.oraclecloud.com:443urn:opc:resource:consumer::all

2

OIC Artefacts-

In addition to IDCS URL, Client ID, Client Secret. We also need OIC URL, OIC Username and Password which I assume you must be knowing already.

Invoking /oauth2/v1/token” REST API

Once  all the attributes values are ready, jump to postman and create a new environment with all these variable, so that we can refer these variable values programmatically in postman.

17.png

 

19

Now, Invoke the “/oauth2/v1/token” API and pass above parameter as per given snap –

Authorization tab – select basic auth and provide {{clientId}} and {{clientsecret}} for username and password fields.

7

Under body tab specify all other parameters such as grant_type=password, scope={{scope}}, username={{username}}, password={{password}}

During run time postman will fetch the static values assigned to these environment variables.

11

Make sure header is properly selected

8

finally, hit the send button and you will get auth_token back from IDCS

10

So, now you got the access_token code, its JWT base64 encoded string value, if you want to see decoded value of this encoded string, you may use https://jwt.io/ debugger site to decode that code.

Now, since we already got the access_token, next steps to invoke actual OIC REST API endpoint. It could be any OIC REST API. In my case I was calling Connection REST API, to fetch connection metadata.

In order to call connection REST API, we need to pass the access_token which we have got in previous step, coping access_token manually and passing in header could be error prone steps. Again, Postman is saviour here.

We can leverage “Test” tab page of Postman where we write small java script to hold the access_token value into a variable called “Authorization” and use this variable while invoking any OIC REST API.

Here, is that tiny java script code –

var jsonData = JSON.parse(responseBody);
postman.setEnvironmentVariable("authorization", "Bearer " +jsonData.access_token);

18.png

Invoking OIC Connection REST API-

Now, once you hit /oauth2/v1/token API, this java script code will store access_token value into a variable called “Authorization” which you can use while invoking OIC Connection REST API.  Just specify authorization variable (holding access_token value) and hit send button to connection REST API.

12

That’s it. You should be able to invoke any OIC REST API using above method, its one-time effort but save you lot in future.

I hope, this blog will help you to understand how easily and simply you can invoke OIC REST API.

Stay tuned for more useful blog!!!

Happy Blogging 🙂

Author: Manish Kumar Gupta

I am currently designated as Principal Presales Consultant in Oracle, Sydney, Australia. Having 17 + years professional experience. Currently Looking after presales activites for iPaaS related Cloud Offering e.g. Oracle SOA Cloud Services (OSCS), Oracle Integration Cloud Service (OIC), MFT and Oracle API Platform etc. In past I have worked for many small to large companies. I have played various roles such as Integration Solution Architect / Integration Technical Architect / Integration Team Lead / Integration Specialist / SOA Infrastructure Admin / SOA Designer and SOA Developer in multiple companies. I have worked in various OFMW products such as Weblogic, OSB, BAM, SOA Suite, OWSM and Mediator etc. I have good hands-on experience in SOA Administration as well. In addition to that, have handful experience of SOA Architecture, Analysis, Design, Development, SIT Testing, Performance and Load Testing, Production and Post-Production Support for SOA projects.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s